Samsung keylogger accusations prove false

Samsung shot down claims Thursday that it installs keylogger software on its laptops, according to an official statement by the company. The denial follows an “internal investigation” launched by Samsung on Wednesday after the publication of a report that some of its laptops came loaded with a keylogger.

In an article posted to Network World, security consultant Mohammed Hassan claimed to have found the StarLogger spyware installed on both a factory-sealed Samsung R525 laptop and a brand new R540 model, after he had performed a series of virus scans. On both devices, the offending software was located in the c:\windows\SL directory, say Hassan.

StarLogger is a publicly available commercial spyware that records every stroke made on a computer’s keyboard and can send that information to a third party without the knowledge of the computer’s user.

When Hassan confronted Samsung with his discovery, a company support representative confirmed that the company knew that the software had been installed on its computers, and said that it was used to “monitor the performance of the machine and to find out how it is being used.”

“In other words,” writes Hassan, “Samsung wanted to gather usage data without obtaining consent from laptop owners.” If true, such an action could cause the technology company to face serious legal consequences.

According to Samsung, however, Mr. Hassan has it all wrong.

“Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan,” says Samsung in an official statement on the matter. “The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, “SL, as StarLogger.

Additional testing by a variety of independent sources, like ZNet‘s Adrian Kingsley-Hughes, confirms Samsung’s claims that the keylogger finding is actually a false-positive result by VIPRE.